1/* $NetBSD: postconf.c,v 1.2 2017/02/14 01:16:46 christos Exp $ */
2
3/*++
4/* NAME
5/* postconf 1
6/* SUMMARY
7/* Postfix configuration utility
8/* SYNOPSIS
9/* .fi
10/* .ti -4
11/* \fBManaging main.cf:\fR
12/*
13/* \fBpostconf\fR [\fB-dfhHnopvx\fR] [\fB-c \fIconfig_dir\fR]
14/* [\fB-C \fIclass,...\fR] [\fIparameter ...\fR]
15/*
16/* \fBpostconf\fR [\fB-epv\fR] [\fB-c \fIconfig_dir\fR]
17/* \fIparameter\fB=\fIvalue ...\fR
18/*
19/* \fBpostconf\fR \fB-#\fR [\fB-pv\fR] [\fB-c \fIconfig_dir\fR]
20/* \fIparameter ...\fR
21/*
22/* \fBpostconf\fR \fB-X\fR [\fB-pv\fR] [\fB-c \fIconfig_dir\fR]
23/* \fIparameter ...\fR
24/*
25/* .ti -4
26/* \fBManaging master.cf service entries:\fR
27/*
28/* \fBpostconf\fR \fB-M\fR [\fB-fovx\fR] [\fB-c \fIconfig_dir\fR]
29/* [\fIservice\fR[\fB/\fItype\fR]\fI ...\fR]
30/*
31/* \fBpostconf\fR \fB-M\fR [\fB-ev\fR] [\fB-c \fIconfig_dir\fR]
32/* \fIservice\fB/\fItype\fB=\fIvalue ...\fR
33/*
34/* \fBpostconf\fR \fB-M#\fR [\fB-v\fR] [\fB-c \fIconfig_dir\fR]
35/* \fIservice\fB/\fItype ...\fR
36/*
37/* \fBpostconf\fR \fB-MX\fR [\fB-v\fR] [\fB-c \fIconfig_dir\fR]
38/* \fIservice\fB/\fItype ...\fR
39/*
40/* .ti -4
41/* \fBManaging master.cf service fields:\fR
42/*
43/* \fBpostconf\fR \fB-F\fR [\fB-fhHovx\fR] [\fB-c \fIconfig_dir\fR]
44/* [\fIservice\fR[\fB/\fItype\fR[\fB/\fIfield\fR]]\fI ...\fR]
45/*
46/* \fBpostconf\fR \fB-F\fR [\fB-ev\fR] [\fB-c \fIconfig_dir\fR]
47/* \fIservice\fB/\fItype\fB/\fIfield\fB=\fIvalue ...\fR
48/*
49/* .ti -4
50/* \fBManaging master.cf service parameters:\fR
51/*
52/* \fBpostconf\fR \fB-P\fR [\fB-fhHovx\fR] [\fB-c \fIconfig_dir\fR]
53/* [\fIservice\fR[\fB/\fItype\fR[\fB/\fIparameter\fR]]\fI ...\fR]
54/*
55/* \fBpostconf\fR \fB-P\fR [\fB-ev\fR] [\fB-c \fIconfig_dir\fR]
56/* \fIservice\fB/\fItype\fB/\fIparameter\fB=\fIvalue ...\fR
57/*
58/* \fBpostconf\fR \fB-PX\fR [\fB-v\fR] [\fB-c \fIconfig_dir\fR]
59/* \fIservice\fB/\fItype\fB/\fIparameter ...\fR
60/*
61/* .ti -4
62/* \fBManaging bounce message templates:\fR
63/*
64/* \fBpostconf\fR \fB-b\fR [\fB-v\fR] [\fB-c \fIconfig_dir\fR]
65/* [\fItemplate_file\fR]
66/*
67/* \fBpostconf\fR \fB-t\fR [\fB-v\fR] [\fB-c \fIconfig_dir\fR]
68/* [\fItemplate_file\fR]
69/*
70/* .ti -4
71/* \fBManaging TLS features:\fR
72/*
73/* \fBpostconf\fR \fB-T \fImode\fR [\fB-v\fR] [\fB-c \fIconfig_dir\fR]
74/*
75/* .ti -4
76/* \fBManaging other configuration:\fR
77/*
78/* \fBpostconf\fR \fB-a\fR|\fB-A\fR|\fB-l\fR|\fB-m\fR [\fB-v\fR]
79/* [\fB-c \fIconfig_dir\fR]
80/* DESCRIPTION
81/* By default, the \fBpostconf\fR(1) command displays the
82/* values of \fBmain.cf\fR configuration parameters, and warns
83/* about possible mis-typed parameter names (Postfix 2.9 and later).
84/* It can also change \fBmain.cf\fR configuration
85/* parameter values, or display other configuration information
86/* about the Postfix mail system.
87/*
88/* Options:
89/* .IP \fB-a\fR
90/* List the available SASL server plug-in types. The SASL
91/* plug-in type is selected with the \fBsmtpd_sasl_type\fR
92/* configuration parameter by specifying one of the names
93/* listed below.
94/* .RS
95/* .IP \fBcyrus\fR
96/* This server plug-in is available when Postfix is built with
97/* Cyrus SASL support.
98/* .IP \fBdovecot\fR
99/* This server plug-in uses the Dovecot authentication server,
100/* and is available when Postfix is built with any form of SASL
101/* support.
102/* .RE
103/* .IP
104/* This feature is available with Postfix 2.3 and later.
105/* .IP \fB-A\fR
106/* List the available SASL client plug-in types. The SASL
107/* plug-in type is selected with the \fBsmtp_sasl_type\fR or
108/* \fBlmtp_sasl_type\fR configuration parameters by specifying
109/* one of the names listed below.
110/* .RS
111/* .IP \fBcyrus\fR
112/* This client plug-in is available when Postfix is built with
113/* Cyrus SASL support.
114/* .RE
115/* .IP
116/* This feature is available with Postfix 2.3 and later.
117/* .IP "\fB-b\fR [\fItemplate_file\fR]"
118/* Display the message text that appears at the beginning of
119/* delivery status notification (DSN) messages, replacing
120/* $\fBname\fR expressions with actual values as described in
121/* \fBbounce\fR(5).
122/*
123/* To override the built-in templates, specify a template file
124/* name at the end of the \fBpostconf\fR(1) command line, or
125/* specify a file name in \fBmain.cf\fR with the
126/* \fBbounce_template_file\fR parameter.
127/*
128/* To force selection of the built-in templates, specify an
129/* empty template file name on the \fBpostconf\fR(1) command
130/* line (in shell language: "").
131/*
132/* This feature is available with Postfix 2.3 and later.
133/* .IP "\fB-c \fIconfig_dir\fR"
134/* The \fBmain.cf\fR configuration file is in the named directory
135/* instead of the default configuration directory.
136/* .IP "\fB-C \fIclass,...\fR"
137/* When displaying \fBmain.cf\fR parameters, select only
138/* parameters from the specified class(es):
139/* .RS
140/* .IP \fBbuiltin\fR
141/* Parameters with built-in names.
142/* .IP \fBservice\fR
143/* Parameters with service-defined names (the first field of
144/* a \fBmaster.cf\fR entry plus a Postfix-defined suffix).
145/* .IP \fBuser\fR
146/* Parameters with user-defined names.
147/* .IP \fBall\fR
148/* All the above classes.
149/* .RE
150/* .IP
151/* The default is as if "\fB-C all\fR" is
152/* specified.
153/*
154/* This feature is available with Postfix 2.9 and later.
155/* .IP \fB-d\fR
156/* Print \fBmain.cf\fR default parameter settings instead of
157/* actual settings.
158/* Specify \fB-df\fR to fold long lines for human readability
159/* (Postfix 2.9 and later).
160/* .IP \fB-e\fR
161/* Edit the \fBmain.cf\fR configuration file, and update
162/* parameter settings with the "\fIname=value\fR" pairs on the
163/* \fBpostconf\fR(1) command line.
164/*
165/* With \fB-M\fR, edit the \fBmaster.cf\fR configuration file,
166/* and replace one or more service entries with new values as
167/* specified with "\fIservice/type=value\fR" on the \fBpostconf\fR(1)
168/* command line.
169/*
170/* With \fB-F\fR, edit the \fBmaster.cf\fR configuration file,
171/* and replace one or more service fields with new values as
172/* specied with "\fIservice/type/field=value\fR" on the
173/* \fBpostconf\fR(1) command line. Currently, the "command"
174/* field contains the command name and command arguments. this
175/* may change in the near future, so that the "command" field
176/* contains only the command name, and a new "arguments"
177/* pseudofield contains the command arguments.
178/*
179/* With \fB-P\fR, edit the \fBmaster.cf\fR configuration file,
180/* and add or update one or more service parameter settings
181/* (-o parameter=value settings) with new values as specied
182/* with "\fIservice/type/parameter=value\fR" on the \fBpostconf\fR(1)
183/* command line.
184/*
185/* In all cases the file is copied to a temporary file then
186/* renamed into place. Specify quotes to protect special
187/* characters and whitespace on the \fBpostconf\fR(1) command
188/* line.
189/*
190/* The \fB-e\fR option is no longer needed with Postfix version
191/* 2.8 and later.
192/* .IP \fB-f\fR
193/* Fold long lines when printing \fBmain.cf\fR or \fBmaster.cf\fR
194/* configuration file entries, for human readability.
195/*
196/* This feature is available with Postfix 2.9 and later.
197/* .IP \fB-F\fR
198/* Show \fBmaster.cf\fR per-entry field settings (by default
199/* all services and all fields), formatted as
200/* "\fIservice/type/field=value\fR", one per line. Specify
201/* \fB-Ff\fR to fold long lines.
202/*
203/* Specify one or more "\fIservice/type/field\fR" instances
204/* on the \fBpostconf\fR(1) command line to limit the output
205/* to fields of interest. Trailing parameter name or service
206/* type fields that are omitted will be handled as "*" wildcard
207/* fields.
208/*
209/* This feature is available with Postfix 2.11 and later.
210/* .IP \fB-h\fR
211/* Show parameter or attribute values without the "\fIname\fR
212/* = " label that normally precedes the value.
213/* .IP \fB-H\fR
214/* Show parameter or attribute names without the " = \fIvalue\fR"
215/* that normally follows the name.
216/*
217/* This feature is available with Postfix 3.1 and later.
218/* .IP \fB-l\fR
219/* List the names of all supported mailbox locking methods.
220/* Postfix supports the following methods:
221/* .RS
222/* .IP \fBflock\fR
223/* A kernel-based advisory locking method for local files only.
224/* This locking method is available on systems with a BSD
225/* compatible library.
226/* .IP \fBfcntl\fR
227/* A kernel-based advisory locking method for local and remote
228/* files.
229/* .IP \fBdotlock\fR
230/* An application-level locking method. An application locks
231/* a file named \fIfilename\fR by creating a file named
232/* \fIfilename\fB.lock\fR. The application is expected to
233/* remove its own lock file, as well as stale lock files that
234/* were left behind after abnormal program termination.
235/* .RE
236/* .IP \fB-m\fR
237/* List the names of all supported lookup table types. In
238/* Postfix configuration files, lookup tables are specified
239/* as \fItype\fB:\fIname\fR, where \fItype\fR is one of the
240/* types listed below. The table \fIname\fR syntax depends on
241/* the lookup table type as described in the DATABASE_README
242/* document.
243/* .RS
244/* .IP \fBbtree\fR
245/* A sorted, balanced tree structure. Available on systems
246/* with support for Berkeley DB databases.
247/* .IP \fBcdb\fR
248/* A read-optimized structure with no support for incremental
249/* updates. Available on systems with support for CDB databases.
250/* .IP \fBcidr\fR
251/* A table that associates values with Classless Inter-Domain
252/* Routing (CIDR) patterns. This is described in \fBcidr_table\fR(5).
253/* .IP \fBdbm\fR
254/* An indexed file type based on hashing. Available on systems
255/* with support for DBM databases.
256/* .IP \fBenviron\fR
257/* The UNIX process environment array. The lookup key is the
258/* variable name. Originally implemented for testing, someone
259/* may find this useful someday.
260/* .IP \fBfail\fR
261/* A table that reliably fails all requests. The lookup table
262/* name is used for logging. This table exists to simplify
263/* Postfix error tests.
264/* .IP \fBhash\fR
265/* An indexed file type based on hashing. Available on systems
266/* with support for Berkeley DB databases.
267/* .IP "\fBinline\fR (read-only)"
268/* A non-shared, in-memory lookup table. Example: "\fBinline:{
269/* \fIkey\fB=\fIvalue\fB, { \fIkey\fB = \fItext with whitespace
270/* or comma\fB }}\fR". Key-value pairs are separated by
271/* whitespace or comma; whitespace after "\fB{\fR" and before "\fB}\fR"
272/* is ignored. Inline tables eliminate the need to create a
273/* database file for just a few fixed elements. See also the
274/* \fIstatic:\fR map type.
275/* .IP \fBinternal\fR
276/* A non-shared, in-memory hash table. Its content are lost
277/* when a process terminates.
278/* .IP "\fBlmdb\fR"
279/* OpenLDAP LMDB database (a memory-mapped, persistent file).
280/* Available on systems with support for LMDB databases. This
281/* is described in \fBlmdb_table\fR(5).
282/* .IP "\fBldap\fR (read-only)"
283/* LDAP database client. This is described in \fBldap_table\fR(5).
284/* .IP "\fBmemcache\fR"
285/* Memcache database client. This is described in
286/* \fBmemcache_table\fR(5).
287/* .IP "\fBmysql\fR (read-only)"
288/* MySQL database client. Available on systems with support
289/* for MySQL databases. This is described in \fBmysql_table\fR(5).
290/* .IP "\fBpcre\fR (read-only)"
291/* A lookup table based on Perl Compatible Regular Expressions.
292/* The file format is described in \fBpcre_table\fR(5).
293/* .IP "\fBpgsql\fR (read-only)"
294/* PostgreSQL database client. This is described in
295/* \fBpgsql_table\fR(5).
296/* .IP "\fBpipemap\fR (read-only)"
297/* A lookup table that constructs a pipeline of tables. Example:
298/* "\fBpipemap:{\fItype_1:name_1, ..., type_n:name_n\fB}\fR".
299/* Each "pipemap:" query is given to the first table. Each
300/* lookup result becomes the query for the next table in the
301/* pipeline, and the last table produces the final result.
302/* When any table lookup produces no result, the pipeline
303/* produces no result. The first and last characters of the
304/* "pipemap:" table name must be "\fB{\fR" and "\fB}\fR".
305/* Within these, individual maps are separated with comma or
306/* whitespace.
307/* .IP "\fBproxy\fR"
308/* Postfix \fBproxymap\fR(8) client for shared access to Postfix
309/* databases. The table name syntax is \fItype\fB:\fIname\fR.
310/* .IP "\fBrandmap\fR (read-only)"
311/* An in-memory table that performs random selection. Example:
312/* "\fBrandmap:{\fIresult_1, ..., result_n\fB}\fR". Each table query
313/* returns a random choice from the specified results. The first
314/* and last characters of the "randmap:" table name must be
315/* "\fB{\fR" and "\fB}\fR". Within these, individual results
316/* are separated with comma or whitespace. To give a specific
317/* result more weight, specify it multiple times.
318/* .IP "\fBregexp\fR (read-only)"
319/* A lookup table based on regular expressions. The file format
320/* is described in \fBregexp_table\fR(5).
321/* .IP \fBsdbm\fR
322/* An indexed file type based on hashing. Available on systems
323/* with support for SDBM databases.
324/* .IP "\fBsocketmap\fR (read-only)"
325/* Sendmail-style socketmap client. The table name is
326/* \fBinet\fR:\fIhost\fR:\fIport\fR:\fIname\fR for a TCP/IP
327/* server, or \fBunix\fR:\fIpathname\fR:\fIname\fR for a
328/* UNIX-domain server. This is described in \fBsocketmap_table\fR(5).
329/* .IP "\fBsqlite\fR (read-only)"
330/* SQLite database. This is described in \fBsqlite_table\fR(5).
331/* .IP "\fBstatic\fR (read-only)"
332/* A table that always returns its name as lookup result. For
333/* example, \fBstatic:foobar\fR always returns the string
334/* \fBfoobar\fR as lookup result. Specify "\fBstatic:{ \fItext
335/* with whitespace\fB }\fR" when the result contains whitespace;
336/* this form ignores whitespace after "\fB{\fR" and before
337/* "\fB}\fR". See also the \fIinline:\fR map.
338/* .IP "\fBtcp\fR (read-only)"
339/* TCP/IP client. The protocol is described in \fBtcp_table\fR(5).
340/* .IP "\fBtexthash\fR (read-only)"
341/* Produces similar results as hash: files, except that you
342/* don't need to run the \fBpostmap\fR(1) command before you
343/* can use the file, and that it does not detect changes after
344/* the file is read.
345/* .IP "\fBunionmap\fR (read-only)"
346/* A table that sends each query to multiple lookup tables and
347/* that concatenates all found results, separated by comma.
348/* The table name syntax is the same as for \fBpipemap\fR.
349/* .IP "\fBunix\fR (read-only)"
350/* A limited view of the UNIX authentication database. The
351/* following tables are implemented:
352/* .RS
353/*. IP \fBunix:passwd.byname\fR
354/* The table is the UNIX password database. The key is a login
355/* name. The result is a password file entry in \fBpasswd\fR(5)
356/* format.
357/* .IP \fBunix:group.byname\fR
358/* The table is the UNIX group database. The key is a group
359/* name. The result is a group file entry in \fBgroup\fR(5)
360/* format.
361/* .RE
362/* .RE
363/* .IP
364/* Other table types may exist depending on how Postfix was
365/* built.
366/* .IP \fB-M\fR
367/* Show \fBmaster.cf\fR file contents instead of \fBmain.cf\fR
368/* file contents. Specify \fB-Mf\fR to fold long lines for
369/* human readability.
370/*
371/* Specify zero or more arguments, each with a \fIservice-name\fR
372/* or \fIservice-name/service-type\fR pair, where \fIservice-name\fR
373/* is the first field of a master.cf entry and \fIservice-type\fR
374/* is one of (\fBinet\fR, \fBunix\fR, \fBfifo\fR, or \fBpass\fR).
375/*
376/* If \fIservice-name\fR or \fIservice-name/service-type\fR
377/* is specified, only the matching master.cf entries will be
378/* output. For example, "\fBpostconf -Mf smtp\fR" will output
379/* all services named "smtp", and "\fBpostconf -Mf smtp/inet\fR"
380/* will output only the smtp service that listens on the
381/* network. Trailing service type fields that are omitted
382/* will be handled as "*" wildcard fields.
383/*
384/* This feature is available with Postfix 2.9 and later. The
385/* syntax was changed from "\fIname.type\fR" to "\fIname/type\fR",
386/* and "*" wildcard support was added with Postfix 2.11.
387/* .IP \fB-n\fR
388/* Show only configuration parameters that have explicit
389/* \fIname=value\fR settings in \fBmain.cf\fR. Specify \fB-nf\fR
390/* to fold long lines for human readability (Postfix 2.9 and
391/* later).
392/* .IP "\fB-o \fIname=value\fR"
393/* Override \fBmain.cf\fR parameter settings.
394/*
395/* This feature is available with Postfix 2.10 and later.
396/* .IP \fB-p\fR
397/* Show \fBmain.cf\fR parameter settings. This is the default.
398/*
399/* This feature is available with Postfix 2.11 and later.
400/* .IP \fB-P\fR
401/* Show \fBmaster.cf\fR service parameter settings (by default
402/* all services and all parameters), formatted as
403/* "\fIservice/type/parameter=value\fR", one per line. Specify
404/* \fB-Pf\fR to fold long lines.
405/*
406/* Specify one or more "\fIservice/type/parameter\fR" instances
407/* on the \fBpostconf\fR(1) command line to limit the output
408/* to parameters of interest. Trailing parameter name or
409/* service type fields that are omitted will be handled as "*"
410/* wildcard fields.
411/*
412/* This feature is available with Postfix 2.11 and later.
413/* .IP "\fB-t\fR [\fItemplate_file\fR]"
414/* Display the templates for text that appears at the beginning
415/* of delivery status notification (DSN) messages, without
416/* expanding $\fBname\fR expressions.
417/*
418/* To override the built-in templates, specify a template file
419/* name at the end of the \fBpostconf\fR(1) command line, or
420/* specify a file name in \fBmain.cf\fR with the
421/* \fBbounce_template_file\fR parameter.
422/*
423/* To force selection of the built-in templates, specify an
424/* empty template file name on the \fBpostconf\fR(1) command
425/* line (in shell language: "").
426/*
427/* This feature is available with Postfix 2.3 and later.
428/* .IP "\fB-T \fImode\fR"
429/* If Postfix is compiled without TLS support, the \fB-T\fR option
430/* produces no output. Otherwise, if an invalid \fImode\fR is specified,
431/* the \fB-T\fR option reports an error and exits with a non-zero status
432/* code. The valid modes are:
433/* .RS
434/* .IP \fBcompile-version\fR
435/* Output the OpenSSL version that Postfix was compiled with
436/* (i.e. the OpenSSL version in a header file). The output
437/* format is the same as with the command "\fBopenssl version\fR".
438/* .IP \fBrun-version\fR
439/* Output the OpenSSL version that Postfix is linked with at
440/* runtime (i.e. the OpenSSL version in a shared library).
441/* .IP \fBpublic-key-algorithms\fR
442/* Output the lower-case names of the supported public-key
443/* algorithms, one per-line.
444/* .RE
445/* .IP
446/* This feature is available with Postfix 3.1 and later.
447/* .IP \fB-v\fR
448/* Enable verbose logging for debugging purposes. Multiple
449/* \fB-v\fR options make the software increasingly verbose.
450/* .IP \fB-x\fR
451/* Expand \fI$name\fR in \fBmain.cf\fR or \fBmaster.cf\fR
452/* parameter values. The expansion is recursive.
453/*
454/* This feature is available with Postfix 2.10 and later.
455/* .IP \fB-X\fR
456/* Edit the \fBmain.cf\fR configuration file, and remove the
457/* parameters named on the \fBpostconf\fR(1) command line.
458/* Specify a list of parameter names, not "\fIname=value\fR"
459/* pairs.
460/*
461/* With \fB-M\fR, edit the \fBmaster.cf\fR configuration file,
462/* and remove one or more service entries as specified with
463/* "\fIservice/type\fR" on the \fBpostconf\fR(1) command line.
464/*
465/* With \fB-P\fR, edit the \fBmaster.cf\fR configuration file,
466/* and remove one or more service parameter settings (-o
467/* parameter=value settings) as specied with
468/* "\fIservice/type/parameter\fR" on the \fBpostconf\fR(1)
469/* command line.
470/*
471/* In all cases the file is copied to a temporary file then
472/* renamed into place. Specify quotes to protect special
473/* characters on the \fBpostconf\fR(1) command line.
474/*
475/* There is no \fBpostconf\fR(1) command to perform the reverse
476/* operation.
477/*
478/* This feature is available with Postfix 2.10 and later.
479/* Support for -M and -P was added with Postfix 2.11.
480/* .IP \fB-#\fR
481/* Edit the \fBmain.cf\fR configuration file, and comment out
482/* the parameters named on the \fBpostconf\fR(1) command line,
483/* so that those parameters revert to their default values.
484/* Specify a list of parameter names, not "\fIname=value\fR"
485/* pairs.
486/*
487/* With \fB-M\fR, edit the \fBmaster.cf\fR configuration file,
488/* and comment out one or more service entries as specified
489/* with "\fIservice/type\fR" on the \fBpostconf\fR(1) command
490/* line.
491/*
492/* In all cases the file is copied to a temporary file then
493/* renamed into place. Specify quotes to protect special
494/* characters on the \fBpostconf\fR(1) command line.
495/*
496/* There is no \fBpostconf\fR(1) command to perform the reverse
497/* operation.
498/*
499/* This feature is available with Postfix 2.6 and later. Support
500/* for -M was added with Postfix 2.11.
501/* DIAGNOSTICS
502/* Problems are reported to the standard error stream.
503/* ENVIRONMENT
504/* .ad
505/* .fi
506/* .IP \fBMAIL_CONFIG\fR
507/* Directory with Postfix configuration files.
508/* CONFIGURATION PARAMETERS
509/* .ad
510/* .fi
511/* The following \fBmain.cf\fR parameters are especially
512/* relevant to this program.
513/*
514/* The text below provides only a parameter summary. See
515/* \fBpostconf\fR(5) for more details including examples.
516/* .IP "\fBconfig_directory (see 'postconf -d' output)\fR"
517/* The default location of the Postfix main.cf and master.cf
518/* configuration files.
519/* .IP "\fBbounce_template_file (empty)\fR"
520/* Pathname of a configuration file with bounce message templates.
521/* FILES
522/* /etc/postfix/main.cf, Postfix configuration parameters
523/* /etc/postfix/master.cf, Postfix master daemon configuration
524/* SEE ALSO
525/* bounce(5), bounce template file format
526/* master(5), master.cf configuration file syntax
527/* postconf(5), main.cf configuration file syntax
528/* README FILES
529/* .ad
530/* .fi
531/* Use "\fBpostconf readme_directory\fR" or "\fBpostconf
532/* html_directory\fR" to locate this information.
533/* .na
534/* .nf
535/* DATABASE_README, Postfix lookup table overview
536/* LICENSE
537/* .ad
538/* .fi
539/* The Secure Mailer license must be distributed with this
540/* software.
541/* AUTHOR(S)
542/* Wietse Venema
543/* IBM T.J. Watson Research
544/* P.O. Box 704
545/* Yorktown Heights, NY 10598, USA
546/*
547/* Wietse Venema
548/* Google, Inc.
549/* 111 8th Avenue
550/* New York, NY 10011, USA
551/*--*/
552
553/* System library. */
554
555#include <sys_defs.h>
556#include <sys/stat.h>
557#include <stdlib.h>
558
559/* Utility library. */
560
561#include <msg.h>
562#include <msg_vstream.h>
563#include <dict.h>
564#include <htable.h>
565#include <vstring.h>
566#include <vstream.h>
567#include <stringops.h>
568#include <name_mask.h>
569#include <warn_stat.h>
570#include <mymalloc.h>
571
572/* Global library. */
573
574#include <mail_params.h>
575#include <mail_conf.h>
576#include <mail_version.h>
577#include <mail_run.h>
578#include <mail_dict.h>
579
580/* Application-specific. */
581
582#include <postconf.h>
583
584 /*
585 * Global storage. See postconf.h for description.
586 */
587PCF_PARAM_TABLE *pcf_param_table;
588PCF_MASTER_ENT *pcf_master_table;
589int pcf_cmd_mode = PCF_DEF_MODE;
590
591 /*
592 * Application fingerprinting.
593 */
594MAIL_VERSION_STAMP_DECLARE;
595
596 /*
597 * This program has so many command-line options that we have to implement a
598 * compatibility matrix to weed out the conflicting option combinations, and
599 * to alert the user about option combinations that have no effect.
600 */
601
602 /*
603 * Options that are mutually-exclusive. First entry must specify the major
604 * modes. Other entries specify conflicts between option modifiers.
605 */
606static const int pcf_incompat_options[] = {
607 /* Major modes. */
608 PCF_SHOW_SASL_SERV | PCF_SHOW_SASL_CLNT | PCF_EXP_DSN_TEMPL \
609 |PCF_SHOW_LOCKS | PCF_SHOW_MAPS | PCF_DUMP_DSN_TEMPL | PCF_MAIN_PARAM \
610 |PCF_MASTER_ENTRY | PCF_MASTER_FLD | PCF_MASTER_PARAM | PCF_SHOW_TLS,
611 /* Modifiers. */
612 PCF_SHOW_DEFS | PCF_EDIT_CONF | PCF_SHOW_NONDEF | PCF_COMMENT_OUT \
613 |PCF_EDIT_EXCL,
614 PCF_FOLD_LINE | PCF_EDIT_CONF | PCF_COMMENT_OUT | PCF_EDIT_EXCL,
615 PCF_SHOW_EVAL | PCF_EDIT_CONF | PCF_COMMENT_OUT | PCF_EDIT_EXCL,
616 PCF_MAIN_OVER | PCF_SHOW_DEFS | PCF_EDIT_CONF | PCF_COMMENT_OUT \
617 |PCF_EDIT_EXCL,
618 PCF_HIDE_NAME | PCF_EDIT_CONF | PCF_COMMENT_OUT | PCF_EDIT_EXCL \
619 |PCF_HIDE_VALUE,
620 0,
621};
622
623 /*
624 * Options, and the only options that they are compatible with. There must
625 * be one entry for each major mode. Other entries specify compatibility
626 * between option modifiers.
627 */
628static const int pcf_compat_options[][2] = {
629 /* Major modes. */
630 {PCF_SHOW_SASL_SERV, 0},
631 {PCF_SHOW_SASL_CLNT, 0},
632 {PCF_EXP_DSN_TEMPL, 0},
633 {PCF_SHOW_LOCKS, 0},
634 {PCF_SHOW_MAPS, 0,},
635 {PCF_SHOW_TLS, 0,},
636 {PCF_DUMP_DSN_TEMPL, 0},
637 {PCF_MAIN_PARAM, (PCF_EDIT_CONF | PCF_EDIT_EXCL | PCF_COMMENT_OUT \
638 |PCF_FOLD_LINE | PCF_HIDE_NAME | PCF_PARAM_CLASS \
639 |PCF_SHOW_EVAL | PCF_SHOW_DEFS | PCF_SHOW_NONDEF \
640 |PCF_MAIN_OVER | PCF_HIDE_VALUE)},
641 {PCF_MASTER_ENTRY, (PCF_EDIT_CONF | PCF_EDIT_EXCL | PCF_COMMENT_OUT \
642 |PCF_FOLD_LINE | PCF_MAIN_OVER | PCF_SHOW_EVAL)},
643 {PCF_MASTER_FLD, (PCF_EDIT_CONF | PCF_FOLD_LINE | PCF_HIDE_NAME \
644 |PCF_MAIN_OVER | PCF_SHOW_EVAL | PCF_HIDE_VALUE)},
645 {PCF_MASTER_PARAM, (PCF_EDIT_CONF | PCF_EDIT_EXCL | PCF_FOLD_LINE \
646 |PCF_HIDE_NAME | PCF_MAIN_OVER | PCF_SHOW_EVAL \
647 |PCF_HIDE_VALUE)},
648 /* Modifiers. */
649 {PCF_PARAM_CLASS, (PCF_MAIN_PARAM | PCF_SHOW_DEFS | PCF_SHOW_NONDEF)},
650 0,
651};
652
653 /*
654 * Compatibility to string conversion support.
655 */
656static const NAME_MASK pcf_compat_names[] = {
657 "-a", PCF_SHOW_SASL_SERV,
658 "-A", PCF_SHOW_SASL_CLNT,
659 "-b", PCF_EXP_DSN_TEMPL,
660 "-C", PCF_PARAM_CLASS,
661 "-d", PCF_SHOW_DEFS,
662 "-e", PCF_EDIT_CONF,
663 "-f", PCF_FOLD_LINE,
664 "-F", PCF_MASTER_FLD,
665 "-h", PCF_HIDE_NAME,
666 "-H", PCF_HIDE_VALUE,
667 "-l", PCF_SHOW_LOCKS,
668 "-m", PCF_SHOW_MAPS,
669 "-M", PCF_MASTER_ENTRY,
670 "-n", PCF_SHOW_NONDEF,
671 "-o", PCF_MAIN_OVER,
672 "-p", PCF_MAIN_PARAM,
673 "-P", PCF_MASTER_PARAM,
674 "-t", PCF_DUMP_DSN_TEMPL,
675 "-T", PCF_SHOW_TLS,
676 "-x", PCF_SHOW_EVAL,
677 "-X", PCF_EDIT_EXCL,
678 "-#", PCF_COMMENT_OUT,
679 0,
680};
681
682/* usage - enumerate parameters without compatibility info */
683
684static void usage(const char *progname)
685{
686 msg_fatal("usage: %s"
687 " [-a (server SASL types)]"
688 " [-A (client SASL types)]"
689 " [-b (bounce templates)]"
690 " [-c config_dir]"
691 " [-c param_class]"
692 " [-d (parameter defaults)]"
693 " [-e (edit configuration)]"
694 " [-f (fold lines)]"
695 " [-F (master.cf fields)]"
696 " [-h (no names)]"
697 " [-H (no values)]"
698 " [-l (lock types)]"
699 " [-m (map types)]"
700 " [-M (master.cf)]"
701 " [-n (non-default parameters)]"
702 " [-o name=value (override parameter value)]"
703 " [-p (main.cf, default)]"
704 " [-P (master.cf parameters)]"
705 " [-t (bounce templates)]"
706 " [-T compile-version|run-version|public-key-algorithms]"
707 " [-v (verbose)]"
708 " [-x (expand parameter values)]"
709 " [-X (exclude)]"
710 " [-# (comment-out)]"
711 " [name...]", progname);
712}
713
714/* pcf_check_exclusive_options - complain about mutually-exclusive options */
715
716static void pcf_check_exclusive_options(int optval)
717{
718 const char *myname = "pcf_check_exclusive_options";
719 const int *op;
720 int oval;
721 unsigned mask;
722
723 for (op = pcf_incompat_options; (oval = *op) != 0; op++) {
724 oval &= optval;
725 for (mask = ~0U; (mask & oval) != 0; mask >>= 1) {
726 if ((mask & oval) != oval)
727 msg_fatal("specify one of %s",
728 str_name_mask(myname, pcf_compat_names, oval));
729 }
730 }
731}
732
733/* pcf_check_compat_options - complain about incompatible options */
734
735static void pcf_check_compat_options(int optval)
736{
737 const char *myname = "pcf_check_compat_options";
738 VSTRING *buf1 = vstring_alloc(10);
739 VSTRING *buf2 = vstring_alloc(10);
740 const int (*op)[2];
741 int excess;
742
743 for (op = pcf_compat_options; op[0][0] != 0; op++) {
744 if ((optval & *op[0]) != 0
745 && (excess = (optval & ~((*op)[0] | (*op)[1]))) != 0)
746 msg_fatal("with option %s, do not specify %s",
747 str_name_mask_opt(buf1, myname, pcf_compat_names,
748 (*op)[0], NAME_MASK_NUMBER),
749 str_name_mask_opt(buf2, myname, pcf_compat_names,
750 excess, NAME_MASK_NUMBER));
751 }
752 vstring_free(buf1);
753 vstring_free(buf2);
754}
755
756/* main */
757
758int main(int argc, char **argv)
759{
760 int ch;
761 int fd;
762 struct stat st;
763 ARGV *ext_argv = 0;
764 int param_class = PCF_PARAM_MASK_CLASS;
765 static const NAME_MASK param_class_table[] = {
766 "builtin", PCF_PARAM_FLAG_BUILTIN,
767 "service", PCF_PARAM_FLAG_SERVICE,
768 "user", PCF_PARAM_FLAG_USER,
769 "all", PCF_PARAM_MASK_CLASS,
770 0,
771 };
772 ARGV *override_params = 0;
773 const char *pcf_tls_arg = 0;
774
775 /*
776 * Fingerprint executables and core dumps.
777 */
778 MAIL_VERSION_STAMP_ALLOCATE;
779
780 /*
781 * Be consistent with file permissions.
782 */
783 umask(022);
784
785 /*
786 * To minimize confusion, make sure that the standard file descriptors
787 * are open before opening anything else. XXX Work around for 44BSD where
788 * fstat can return EBADF on an open file descriptor.
789 */
790 for (fd = 0; fd < 3; fd++)
791 if (fstat(fd, &st) == -1
792 && (close(fd), open("/dev/null", O_RDWR, 0)) != fd)
793 msg_fatal("open /dev/null: %m");
794
795 /*
796 * Set up logging.
797 */
798 msg_vstream_init(argv[0], VSTREAM_ERR);
799
800 /*
801 * Parse JCL.
802 */
803 while ((ch = GETOPT(argc, argv, "aAbc:C:deEfFhHlmMno:pPtT:vxX#")) > 0) {
804 switch (ch) {
805 case 'a':
806 pcf_cmd_mode |= PCF_SHOW_SASL_SERV;
807 break;
808 case 'A':
809 pcf_cmd_mode |= PCF_SHOW_SASL_CLNT;
810 break;
811 case 'b':
812 pcf_cmd_mode |= PCF_EXP_DSN_TEMPL;
813 if (ext_argv)
814 msg_fatal("specify one of -b and -t");
815 ext_argv = argv_alloc(2);
816 argv_add(ext_argv, "bounce", "-SVnexpand_templates", (char *) 0);
817 break;
818 case 'c':
819 if (setenv(CONF_ENV_PATH, optarg, 1) < 0)
820 msg_fatal("out of memory");
821 break;
822 case 'C':
823 param_class = name_mask_opt("-C option", param_class_table,
824 optarg, NAME_MASK_ANY_CASE | NAME_MASK_FATAL);
825 break;
826 case 'd':
827 pcf_cmd_mode |= PCF_SHOW_DEFS;
828 break;
829 case 'e':
830 pcf_cmd_mode |= PCF_EDIT_CONF;
831 break;
832 case 'f':
833 pcf_cmd_mode |= PCF_FOLD_LINE;
834 break;
835 case 'F':
836 pcf_cmd_mode |= PCF_MASTER_FLD;
837 break;
838 case '#':
839 pcf_cmd_mode |= PCF_COMMENT_OUT;
840 break;
841 case 'h':
842 pcf_cmd_mode |= PCF_HIDE_NAME;
843 break;
844 case 'H':
845 pcf_cmd_mode |= PCF_HIDE_VALUE;
846 break;
847 case 'l':
848 pcf_cmd_mode |= PCF_SHOW_LOCKS;
849 break;
850 case 'm':
851 pcf_cmd_mode |= PCF_SHOW_MAPS;
852 break;
853 case 'M':
854 pcf_cmd_mode |= PCF_MASTER_ENTRY;
855 break;
856 case 'n':
857 pcf_cmd_mode |= PCF_SHOW_NONDEF;
858 break;
859 case 'o':
860 pcf_cmd_mode |= PCF_MAIN_OVER;
861 if (override_params == 0)
862 override_params = argv_alloc(2);
863 argv_add(override_params, optarg, (char *) 0);
864 break;
865 case 'p':
866 pcf_cmd_mode |= PCF_MAIN_PARAM;
867 break;
868 case 'P':
869 pcf_cmd_mode |= PCF_MASTER_PARAM;
870 break;
871 case 't':
872 pcf_cmd_mode |= PCF_DUMP_DSN_TEMPL;
873 if (ext_argv)
874 msg_fatal("specify one of -b and -t");
875 ext_argv = argv_alloc(2);
876 argv_add(ext_argv, "bounce", "-SVndump_templates", (char *) 0);
877 break;
878 case 'T':
879 if (pcf_cmd_mode & PCF_SHOW_TLS)
880 msg_fatal("At most one -T <mode> option may be specified");
881 pcf_cmd_mode |= PCF_SHOW_TLS;
882 pcf_tls_arg = optarg;
883 break;
884 case 'x':
885 pcf_cmd_mode |= PCF_SHOW_EVAL;
886 break;
887 case 'X':
888 /* This is irreversible, therefore require two-finger action. */
889 pcf_cmd_mode |= PCF_EDIT_EXCL;
890 break;
891 case 'v':
892 msg_verbose++;
893 break;
894 default:
895 usage(argv[0]);
896 }
897 }
898
899 /*
900 * Make all options explicit, before checking their compatibility.
901 */
902#define PCF_MAIN_OR_MASTER \
903 (PCF_MAIN_PARAM | PCF_MASTER_ENTRY | PCF_MASTER_FLD | PCF_MASTER_PARAM)
904
905 if ((pcf_cmd_mode & pcf_incompat_options[0]) == 0)
906 pcf_cmd_mode |= PCF_MAIN_PARAM;
907 if ((pcf_cmd_mode & PCF_MAIN_OR_MASTER)
908 && argv[optind] && strchr(argv[optind], '='))
909 pcf_cmd_mode |= PCF_EDIT_CONF;
910
911 /*
912 * Sanity check.
913 */
914 pcf_check_exclusive_options(pcf_cmd_mode);
915 pcf_check_compat_options(pcf_cmd_mode);
916
917 if ((pcf_cmd_mode & PCF_EDIT_CONF) && argc == optind)
918 msg_fatal("-e requires name=value argument");
919
920 /*
921 * Display bounce template information and exit.
922 */
923 if (ext_argv) {
924 if (argv[optind]) {
925 if (argv[optind + 1])
926 msg_fatal("options -b and -t require at most one template file");
927 argv_add(ext_argv, "-o",
928 concatenate(VAR_BOUNCE_TMPL, "=",
929 argv[optind], (char *) 0),
930 (char *) 0);
931 }
932 /* Grr... */
933 argv_add(ext_argv, "-o",
934 concatenate(VAR_QUEUE_DIR, "=", ".", (char *) 0),
935 (char *) 0);
936 mail_conf_read();
937 mail_run_replace(var_daemon_dir, ext_argv->argv);
938 /* NOTREACHED */
939 }
940
941 /*
942 * If showing map types, show them and exit
943 */
944 if (pcf_cmd_mode & PCF_SHOW_MAPS) {
945 mail_conf_read();
946 mail_dict_init();
947 pcf_show_maps();
948 }
949
950 /*
951 * If showing locking methods, show them and exit
952 */
953 else if (pcf_cmd_mode & PCF_SHOW_LOCKS) {
954 pcf_show_locks();
955 }
956
957 /*
958 * If showing master.cf entries, show them and exit
959 */
960 else if ((pcf_cmd_mode & (PCF_MASTER_ENTRY | PCF_MASTER_FLD | PCF_MASTER_PARAM))
961 && !(pcf_cmd_mode & (PCF_EDIT_CONF | PCF_EDIT_EXCL | PCF_COMMENT_OUT))) {
962 pcf_read_master(PCF_FAIL_ON_OPEN_ERROR);
963 pcf_read_parameters();
964 if (override_params)
965 pcf_set_parameters(override_params->argv);
966 pcf_register_builtin_parameters(basename(argv[0]), getpid());
967 pcf_register_service_parameters();
968 pcf_register_user_parameters();
969 if (pcf_cmd_mode & PCF_MASTER_FLD)
970 pcf_show_master_fields(VSTREAM_OUT, pcf_cmd_mode, argc - optind,
971 argv + optind);
972 else if (pcf_cmd_mode & PCF_MASTER_PARAM)
973 pcf_show_master_params(VSTREAM_OUT, pcf_cmd_mode, argc - optind,
974 argv + optind);
975 else
976 pcf_show_master_entries(VSTREAM_OUT, pcf_cmd_mode, argc - optind,
977 argv + optind);
978 }
979
980 /*
981 * If showing SASL plug-in types, show them and exit
982 */
983 else if (pcf_cmd_mode & PCF_SHOW_SASL_SERV) {
984 pcf_show_sasl(PCF_SHOW_SASL_SERV);
985 } else if (pcf_cmd_mode & PCF_SHOW_SASL_CLNT) {
986 pcf_show_sasl(PCF_SHOW_SASL_CLNT);
987 }
988
989 /*
990 * Show TLS info and exit.
991 */
992 else if (pcf_cmd_mode & PCF_SHOW_TLS) {
993 pcf_show_tls(pcf_tls_arg);
994 }
995
996 /*
997 * Edit main.cf or master.cf.
998 */
999 else if (pcf_cmd_mode & (PCF_EDIT_CONF | PCF_COMMENT_OUT | PCF_EDIT_EXCL)) {
1000 if (optind == argc)
1001 msg_fatal("missing service argument");
1002 if (pcf_cmd_mode & (PCF_MASTER_ENTRY | PCF_MASTER_FLD | PCF_MASTER_PARAM)) {
1003 pcf_edit_master(pcf_cmd_mode, argc - optind, argv + optind);
1004 } else {
1005 pcf_edit_main(pcf_cmd_mode, argc - optind, argv + optind);
1006 }
1007 }
1008
1009 /*
1010 * If showing non-default values, read main.cf.
1011 */
1012 else {
1013 if ((pcf_cmd_mode & PCF_SHOW_DEFS) == 0) {
1014 pcf_read_parameters();
1015 if (override_params)
1016 pcf_set_parameters(override_params->argv);
1017 }
1018 pcf_register_builtin_parameters(basename(argv[0]), getpid());
1019
1020 /*
1021 * Add service-dependent parameters (service names from master.cf)
1022 * and user-defined parameters ($name macros in parameter values in
1023 * main.cf and master.cf, but only if those names have a name=value
1024 * in main.cf or master.cf).
1025 */
1026 pcf_read_master(PCF_WARN_ON_OPEN_ERROR);
1027 pcf_register_service_parameters();
1028 if ((pcf_cmd_mode & PCF_SHOW_DEFS) == 0)
1029 pcf_register_user_parameters();
1030
1031 /*
1032 * Show the requested values.
1033 */
1034 pcf_show_parameters(VSTREAM_OUT, pcf_cmd_mode, param_class,
1035 argv + optind);
1036
1037 /*
1038 * Flag unused parameters. This makes no sense with "postconf -d",
1039 * because that ignores all the user-specified parameters and
1040 * user-specified macro expansions in main.cf.
1041 */
1042 if ((pcf_cmd_mode & PCF_SHOW_DEFS) == 0) {
1043 pcf_flag_unused_main_parameters();
1044 pcf_flag_unused_master_parameters();
1045 }
1046 }
1047 vstream_fflush(VSTREAM_OUT);
1048 exit(0);
1049}
1050